[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Re commit: ldap/libraries/libldap sasl.c

Howard Chu wrote:
Ralf Haferkamp wrote:

On Thursday 14 October 2010 02:02:17 Howard Chu wrote:
hyc@OpenLDAP.org wrote:
Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap

Modified Files:
	sasl.c  1.82 ->    1.83

Log Message:
More for prev commit. What about ldap_pvt_sasl_getmechs() ?



Changes are generally available on cvs.openldap.org (and CVSweb)
within 30 minutes of being committed.

Please review and comment, thanks.
It seems that SASL/GSSAPI binds broke somehow. At least for me
ldapsearch from current HEAD hangs in ldap_int_select(). I have 2.4.23
on the server side. Here is the end of ldapsearch's debug output:

Thanks, I suspected that might happen. I only tested DIGEST-MD5 and EXTERNAL
so far. Will look into it shortly.

All working for me now.

Looking at it again, it strikes me that perhaps this restructuring was an
exercise in futility. The ldap_host_connected_to() function can block doing a
DNS lookup, and also the GSSAPI mechanism can block while obtaining a service
ticket. (In addition to any blocking during ldap_pvt_sasl_getmechs()...) As
such, it would need a lot more work to make it fully asynchronous. We could
create the infrastructure needed to make ldap_host_connected_to() and
ldap_pvt_sasl_getmechs() fully asynch, but we have no such control over the
SASL mechanisms.

Still dunno what to do with this. Is it better than nothing?

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/